Texas Tech University’s Health Sciences Centers (HSCs) in Lubbock and El Paso are reeling from a recent cyberattack that has exposed the sensitive data of 1.4 million patients. The breach, which occurred between Sept. 17 and 29, allowed cybercriminals to access certain files and folders from the university’s medical environments, compromising a wealth of valuable information that could be exploited for various malicious purposes.
The stolen data includes patient names, dates of birth, Social Security numbers, driver’s license numbers, financial data, medical information, billing and insurance data, medical records numbers, and more. This type of information is highly sought after by cybercriminals due to its potential for use in social engineering attacks, identity theft, and other fraudulent activities.
According to Brian Higgins, a security specialist at Comparitech, the healthcare sector has long been a prime target for cybercriminals due to the abundance of sensitive data it holds. The large amount of information available in healthcare systems makes breached organizations more vulnerable to ransom demands and individual victims more susceptible to follow-up attacks seeking personal information.
In a disturbing turn of events, a ransomware group called Interlock has claimed responsibility for the hack, stating that they stole 3.2 terabytes of data from the Red Raiders. While Texas Tech University’s Health Sciences Centers (HSCs) have not confirmed this claim, it remains one of the most significant medical data breaches of 2024. Interlock, a new ransomware gang, has been actively targeting organizations and adding victims to its leak site since October.
In response to the cyberattack, Texas Tech University’s HSCs are taking steps to mitigate the damage and prevent future incidents. The school is in the process of notifying individuals affected by the breach and is offering free credit monitoring services to help protect against identity theft. Additionally, the HSCs are conducting a thorough review of their security policies and procedures and implementing additional safeguards to enhance their system protection and monitoring.
Affected individuals are urged to monitor their credit reports, bank accounts, and health insurance statements for any signs of suspicious activity or fraud. It is crucial for victims of the breach to remain vigilant and report any unusual behavior related to their personal information.
As the frequency of cyberattacks targeting healthcare organizations continues to rise, there is a growing need for heightened security measures to combat the evolving threat landscape. With the stakes so high and the potential for harm so great, it is imperative that institutions like Texas Tech University prioritize cybersecurity to protect their patients and uphold their duty to safeguard sensitive data.